Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2017-3163 (GCVE-0-2017-3163)
Vulnerability from cvelistv5 – Published: 2017-08-30 14:00 – Updated: 2024-09-16 18:39
VLAI?
EPSS
Summary
When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.
Severity ?
No CVSS data available.
CWE
- Information Disclosure
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Solr |
Affected:
1.4.0 to 5.5.3
Affected: 6.0.0 to 6.4.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:28.303Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2018:1448",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1448"
},
{
"name": "RHSA-2018:1449",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1449"
},
{
"name": "RHSA-2018:1450",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1450"
},
{
"name": "RHSA-2018:1451",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1451"
},
{
"name": "[solr-user] 20170215 [SECURITY] CVE-2017-3163 Apache Solr ReplicationHandler path traversal attack",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/a6a33a186f293f9f9aecf3bd39c76252bfc49a79de4321dd2a53b488%40%3Csolr-user.lucene.apache.org%3E"
},
{
"name": "RHSA-2018:1447",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1447"
},
{
"name": "DSA-4124",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4124"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache Solr",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "1.4.0 to 5.5.3"
},
{
"status": "affected",
"version": "6.0.0 to 6.4.0"
}
]
}
],
"datePublic": "2017-02-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-16T09:57:01",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"name": "RHSA-2018:1448",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1448"
},
{
"name": "RHSA-2018:1449",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1449"
},
{
"name": "RHSA-2018:1450",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1450"
},
{
"name": "RHSA-2018:1451",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1451"
},
{
"name": "[solr-user] 20170215 [SECURITY] CVE-2017-3163 Apache Solr ReplicationHandler path traversal attack",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/a6a33a186f293f9f9aecf3bd39c76252bfc49a79de4321dd2a53b488%40%3Csolr-user.lucene.apache.org%3E"
},
{
"name": "RHSA-2018:1447",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1447"
},
{
"name": "DSA-4124",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4124"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"DATE_PUBLIC": "2017-02-15T00:00:00",
"ID": "CVE-2017-3163",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Solr",
"version": {
"version_data": [
{
"version_value": "1.4.0 to 5.5.3"
},
{
"version_value": "6.0.0 to 6.4.0"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2018:1448",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1448"
},
{
"name": "RHSA-2018:1449",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1449"
},
{
"name": "RHSA-2018:1450",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1450"
},
{
"name": "RHSA-2018:1451",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1451"
},
{
"name": "[solr-user] 20170215 [SECURITY] CVE-2017-3163 Apache Solr ReplicationHandler path traversal attack",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/a6a33a186f293f9f9aecf3bd39c76252bfc49a79de4321dd2a53b488@%3Csolr-user.lucene.apache.org%3E"
},
{
"name": "RHSA-2018:1447",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1447"
},
{
"name": "DSA-4124",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4124"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2017-3163",
"datePublished": "2017-08-30T14:00:00Z",
"dateReserved": "2016-12-05T00:00:00",
"dateUpdated": "2024-09-16T18:39:30.795Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"5.5.3\", \"matchCriteriaId\": \"C0CB118A-E405-41E5-B25F-C151B14292A7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:solr:6.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"29F3170C-C5D6-431F-A2DD-692636CF5DAB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:solr:6.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BA339070-A2BD-4559-B400-2BC2EB9923A7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:solr:6.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B737CF14-C14A-4D97-B838-47EC4A2C68C8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:solr:6.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"036F935D-B469-47C6-AF5D-3DFC73070753\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:solr:6.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"42A1A17A-32EA-40A2-9A1E-6019B493B5C1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:solr:6.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"76557E9C-1F16-44D9-ACA1-F4DAEC966F05\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:solr:6.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DE068A02-D47A-4C6C-BFD3-040385599CA5\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.\"}, {\"lang\": \"es\", \"value\": \"Cuando se usa la caracter\\u00edstica Index Replication, los nodos Apache Solr pueden tomar archivos index de un nodo master/leader usando una API HTTP que acepta un nombre de archivo. Sin embargo, Solr en versiones anteriores a la 5.5.4 y en versiones 6.x anteriores a la 6.4.1 no valida el nombre de archivo, por lo que fue posible manipular una petici\\u00f3n especial que involucre un salto de ruta, dejando expuestos todos los archivos legibles en el proceso de servidor Solr. Los servidores Solr protegidos y restringidos por reglas de firewall y/o autenticaci\\u00f3n no estar\\u00edan en riesgo ya que solo los clientes y usuarios de confianza obtendr\\u00edan acceso HTTP directo.\"}]",
"id": "CVE-2017-3163",
"lastModified": "2024-11-21T03:24:57.580",
"metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:N/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2017-08-30T14:29:00.207",
"references": "[{\"url\": \"https://access.redhat.com/errata/RHSA-2018:1447\", \"source\": \"security@apache.org\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:1448\", \"source\": \"security@apache.org\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:1449\", \"source\": \"security@apache.org\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:1450\", \"source\": \"security@apache.org\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:1451\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/a6a33a186f293f9f9aecf3bd39c76252bfc49a79de4321dd2a53b488%40%3Csolr-user.lucene.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://www.debian.org/security/2018/dsa-4124\", \"source\": \"security@apache.org\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:1447\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:1448\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:1449\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:1450\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:1451\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/a6a33a186f293f9f9aecf3bd39c76252bfc49a79de4321dd2a53b488%40%3Csolr-user.lucene.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.debian.org/security/2018/dsa-4124\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "security@apache.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-22\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2017-3163\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2017-08-30T14:29:00.207\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.\"},{\"lang\":\"es\",\"value\":\"Cuando se usa la caracter\u00edstica Index Replication, los nodos Apache Solr pueden tomar archivos index de un nodo master/leader usando una API HTTP que acepta un nombre de archivo. Sin embargo, Solr en versiones anteriores a la 5.5.4 y en versiones 6.x anteriores a la 6.4.1 no valida el nombre de archivo, por lo que fue posible manipular una petici\u00f3n especial que involucre un salto de ruta, dejando expuestos todos los archivos legibles en el proceso de servidor Solr. Los servidores Solr protegidos y restringidos por reglas de firewall y/o autenticaci\u00f3n no estar\u00edan en riesgo ya que solo los clientes y usuarios de confianza obtendr\u00edan acceso HTTP directo.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"5.5.3\",\"matchCriteriaId\":\"C0CB118A-E405-41E5-B25F-C151B14292A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:6.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29F3170C-C5D6-431F-A2DD-692636CF5DAB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:6.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA339070-A2BD-4559-B400-2BC2EB9923A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:6.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B737CF14-C14A-4D97-B838-47EC4A2C68C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:6.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"036F935D-B469-47C6-AF5D-3DFC73070753\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:6.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"42A1A17A-32EA-40A2-9A1E-6019B493B5C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:6.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"76557E9C-1F16-44D9-ACA1-F4DAEC966F05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:6.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE068A02-D47A-4C6C-BFD3-040385599CA5\"}]}]}],\"references\":[{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1447\",\"source\":\"security@apache.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1448\",\"source\":\"security@apache.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1449\",\"source\":\"security@apache.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1450\",\"source\":\"security@apache.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1451\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/a6a33a186f293f9f9aecf3bd39c76252bfc49a79de4321dd2a53b488%40%3Csolr-user.lucene.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://www.debian.org/security/2018/dsa-4124\",\"source\":\"security@apache.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1447\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1448\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1449\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1450\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1451\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/a6a33a186f293f9f9aecf3bd39c76252bfc49a79de4321dd2a53b488%40%3Csolr-user.lucene.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.debian.org/security/2018/dsa-4124\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
RHSA-2018:1451
Vulnerability from csaf_redhat - Published: 2018-05-14 20:51 - Updated: 2025-11-21 18:04Summary
Red Hat Security Advisory: eap6-jboss-ec2-eap security update
Notes
Topic
An update for jboss-ec2-eap is now available for Red Hat JBoss Enterprise
Application Platform 6.4 for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise
Application Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2).
With this update, the jboss-ec2-eap package has been updated to ensure
compatibility with Red Hat JBoss Enterprise Application Platform 6.4.19.
Security Fix(es):
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)
* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)
* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)
* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)
* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)
* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for jboss-ec2-eap is now available for Red Hat JBoss Enterprise\nApplication Platform 6.4 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise\nApplication Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2).\n\nWith this update, the jboss-ec2-eap package has been updated to ensure\ncompatibility with Red Hat JBoss Enterprise Application Platform 6.4.19.\n\nSecurity Fix(es):\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)\n\n* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)\n\n* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)\n\n* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)\n\n* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360\u89c2\u661f\u5b9e\u9a8c\u5ba4 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:1451",
"url": "https://access.redhat.com/errata/RHSA-2018:1451"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4"
},
{
"category": "external",
"summary": "1379207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1379207"
},
{
"category": "external",
"summary": "1454783",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1454783"
},
{
"category": "external",
"summary": "1506612",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612"
},
{
"category": "external",
"summary": "1528565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565"
},
{
"category": "external",
"summary": "1548289",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548289"
},
{
"category": "external",
"summary": "1548909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548909"
},
{
"category": "external",
"summary": "1549276",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549276"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1451.json"
}
],
"title": "Red Hat Security Advisory: eap6-jboss-ec2-eap security update",
"tracking": {
"current_release_date": "2025-11-21T18:04:44+00:00",
"generator": {
"date": "2025-11-21T18:04:44+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2018:1451",
"initial_release_date": "2018-05-14T20:51:07+00:00",
"revision_history": [
{
"date": "2018-05-14T20:51:07+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-05-14T20:51:07+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:04:44+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"product": {
"name": "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"product_id": "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-ec2-eap@7.5.20-1.Final_redhat_1.ep6.el6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"product": {
"name": "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"product_id": "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-ec2-eap@7.5.20-1.Final_redhat_1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"product": {
"name": "jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"product_id": "jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-ec2-eap-samples@7.5.20-1.Final_redhat_1.ep6.el6?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
},
"product_reference": "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src"
},
"product_reference": "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
},
"product_reference": "jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-4978",
"discovery_date": "2016-09-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1379207"
}
],
"notes": [
{
"category": "description",
"text": "It was found that use of a JMS ObjectMessage does not safely handle user supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Artemis: Deserialization of untrusted input vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-4978"
},
{
"category": "external",
"summary": "RHBZ#1379207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1379207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-4978",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4978"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-4978",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4978"
}
],
"release_date": "2016-09-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:51:07+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1451"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Artemis: Deserialization of untrusted input vulnerability"
},
{
"cve": "CVE-2017-3163",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2017-05-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1454783"
}
],
"notes": [
{
"category": "description",
"text": "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "solr: Directory traversal via Index Replication HTTP API",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3163"
},
{
"category": "external",
"summary": "RHBZ#1454783",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1454783"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3163",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3163"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3163",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3163"
}
],
"release_date": "2017-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:51:07+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1451"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "solr: Directory traversal via Index Replication HTTP API"
},
{
"acknowledgments": [
{
"names": [
"Liao Xinxi"
],
"organization": "NSFOCUS"
}
],
"cve": "CVE-2017-15095",
"cwe": {
"id": "CWE-184",
"name": "Incomplete List of Disallowed Inputs"
},
"discovery_date": "2017-10-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1506612"
}
],
"notes": [
{
"category": "description",
"text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-15095"
},
{
"category": "external",
"summary": "RHBZ#1506612",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-15095",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15095"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3442891",
"url": "https://access.redhat.com/solutions/3442891"
}
],
"release_date": "2017-11-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:51:07+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1451"
},
{
"category": "workaround",
"details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
"product_ids": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)"
},
{
"acknowledgments": [
{
"names": [
"0c0c0f from 360\u89c2\u661f\u5b9e\u9a8c\u5ba4"
]
}
],
"cve": "CVE-2017-17485",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2017-12-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1528565"
}
],
"notes": [
{
"category": "description",
"text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-17485"
},
{
"category": "external",
"summary": "RHBZ#1528565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-17485",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17485"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3442891",
"url": "https://access.redhat.com/solutions/3442891"
}
],
"release_date": "2017-12-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:51:07+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1451"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)"
},
{
"cve": "CVE-2018-1304",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2018-02-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1548289"
}
],
"notes": [
{
"category": "description",
"text": "The URL pattern of \"\" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1304"
},
{
"category": "external",
"summary": "RHBZ#1548289",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548289"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1304",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1304"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1304",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1304"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28"
}
],
"release_date": "2018-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:51:07+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1451"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources"
},
{
"cve": "CVE-2018-7489",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2018-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1549276"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates.\n\nSatellite 6.2 does not support c3p0 classes. Since the latter are required for this flaw, therefore Satellite 6.2 is not affected. Satellite 6.3 and 6.4 are not affected because Candlepin does not use polymorphic deserialization.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-7489"
},
{
"category": "external",
"summary": "RHBZ#1549276",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549276"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-7489",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7489"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-7489",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7489"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3442891",
"url": "https://access.redhat.com/solutions/3442891"
}
],
"release_date": "2018-02-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:51:07+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1451"
},
{
"category": "workaround",
"details": "Advice on how to remain safe while using JAX-RS webservices on JBoss EAP 7.x is available here:\n\nhttps://access.redhat.com/solutions/3279231\nhttps://github.com/FasterXML/jackson-docs/wiki/JacksonPolymorphicDeserialization\n\nGeneral Mitigation: \nTry to avoid \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries"
},
{
"acknowledgments": [
{
"names": [
"Chris McCown"
]
}
],
"cve": "CVE-2018-8088",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2018-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1548909"
}
],
"notes": [
{
"category": "description",
"text": "An XML deserialization vulnerability was discovered in slf4j\u0027s EventData, which accepts an XML serialized string and can lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Important, and is not currently planned to be addressed in future updates.\n\nThis issue did not affect the versions of Candlepin as shipped with Red Hat Satellite 6 as Candlepin uses slf4j-api and not the affected slf4j-ext (which is not on the Candlepin classpath).\n\nRed Hat Enterprise Virtualization Manager 4.1 is affected by this issue. Updated packages that address this issue are available through the Red Hat Enterprise Linux Server channels. Virtualization Manager hosts should be subscribed to these channels and obtain the updates via `yum update`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-8088"
},
{
"category": "external",
"summary": "RHBZ#1548909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548909"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8088"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-8088",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8088"
}
],
"release_date": "2018-02-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:51:07+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1451"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution"
}
]
}
RHSA-2018:1450
Vulnerability from csaf_redhat - Published: 2018-05-14 20:36 - Updated: 2025-11-21 18:04Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java
applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)
* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)
* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)
* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)
* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)
* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform is a platform for Java\napplications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)\n\n* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)\n\n* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)\n\n* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)\n\n* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360\u89c2\u661f\u5b9e\u9a8c\u5ba4 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:1450",
"url": "https://access.redhat.com/errata/RHSA-2018:1450"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4"
},
{
"category": "external",
"summary": "1379207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1379207"
},
{
"category": "external",
"summary": "1454783",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1454783"
},
{
"category": "external",
"summary": "1506612",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612"
},
{
"category": "external",
"summary": "1528565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565"
},
{
"category": "external",
"summary": "1548289",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548289"
},
{
"category": "external",
"summary": "1548909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548909"
},
{
"category": "external",
"summary": "1549276",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549276"
},
{
"category": "external",
"summary": "1559009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1559009"
},
{
"category": "external",
"summary": "1559012",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1559012"
},
{
"category": "external",
"summary": "1559017",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1559017"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1450.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update",
"tracking": {
"current_release_date": "2025-11-21T18:04:43+00:00",
"generator": {
"date": "2025-11-21T18:04:43+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2018:1450",
"initial_release_date": "2018-05-14T20:36:21+00:00",
"revision_history": [
{
"date": "2018-05-14T20:36:21+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-05-14T20:36:21+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:04:43+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jgroups@3.2.18-1.Final_redhat_1.1.ep6.el5?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossts@4.17.43-1.Final_redhat_1.1.ep6.el5?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@7.5.28-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"product": {
"name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"product_id": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hornetq@2.3.25-26.SP24_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"product": {
"name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"product_id": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/lucene-solr@3.6.2-8.redhat_9.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"product": {
"name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"product_id": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson@1.9.9-12.redhat_6.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketbox@4.1.7-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-network@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-version@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-threads@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-security@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-mail@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-web@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-naming@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-connector@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cli@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-xts@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-sar@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-logging@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-domain@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-appclient@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-standalone@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-bundles@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-core@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jgroups@3.2.18-1.Final_redhat_1.1.ep6.el5?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossts@4.17.43-1.Final_redhat_1.1.ep6.el5?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@7.5.28-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"product_id": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hornetq@2.3.25-26.SP24_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"product": {
"name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"product_id": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/lucene-solr@3.6.2-8.redhat_9.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"product": {
"name": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"product_id": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson-jaxrs@1.9.9-12.redhat_6.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"product": {
"name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"product_id": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson@1.9.9-12.redhat_6.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"product": {
"name": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"product_id": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson-xc@1.9.9-12.redhat_6.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"product": {
"name": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"product_id": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson-core-asl@1.9.9-12.redhat_6.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"product": {
"name": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"product_id": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson-mapper-asl@1.9.9-12.redhat_6.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketbox@4.1.7-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-network@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-version@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-threads@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-security@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-mail@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-web@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-naming@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-connector@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cli@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-xts@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-sar@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-logging@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-domain@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-appclient@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-standalone@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-bundles@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-core@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch"
},
"product_reference": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src"
},
"product_reference": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch"
},
"product_reference": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch"
},
"product_reference": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch"
},
"product_reference": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch"
},
"product_reference": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src"
},
"product_reference": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch"
},
"product_reference": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src"
},
"product_reference": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-4978",
"discovery_date": "2016-09-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1379207"
}
],
"notes": [
{
"category": "description",
"text": "It was found that use of a JMS ObjectMessage does not safely handle user supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Artemis: Deserialization of untrusted input vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-4978"
},
{
"category": "external",
"summary": "RHBZ#1379207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1379207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-4978",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4978"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-4978",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4978"
}
],
"release_date": "2016-09-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:21+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1450"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Artemis: Deserialization of untrusted input vulnerability"
},
{
"cve": "CVE-2017-3163",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2017-05-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1454783"
}
],
"notes": [
{
"category": "description",
"text": "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "solr: Directory traversal via Index Replication HTTP API",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3163"
},
{
"category": "external",
"summary": "RHBZ#1454783",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1454783"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3163",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3163"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3163",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3163"
}
],
"release_date": "2017-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:21+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1450"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "solr: Directory traversal via Index Replication HTTP API"
},
{
"acknowledgments": [
{
"names": [
"Liao Xinxi"
],
"organization": "NSFOCUS"
}
],
"cve": "CVE-2017-7525",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-06-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1462702"
}
],
"notes": [
{
"category": "description",
"text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231\n\nAlthough JBoss Fuse ships the vulnerable version of jackson-databind, it does not call on enableDefaultTyping() for any polymorphic deserialization operations which is the root cause of this vulnerability. We have raised a Jira tracker to ensure that jackson-databind will be upgraded for Fuse 7.0, however due to feasibility issues jackson-databind cannot be upgraded in JBoss Fuse 6.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7525"
},
{
"category": "external",
"summary": "RHBZ#1462702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7525",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7525"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525"
}
],
"release_date": "2017-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:21+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1450"
},
{
"category": "workaround",
"details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
"product_ids": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper"
},
{
"acknowledgments": [
{
"names": [
"Liao Xinxi"
],
"organization": "NSFOCUS"
}
],
"cve": "CVE-2017-15095",
"cwe": {
"id": "CWE-184",
"name": "Incomplete List of Disallowed Inputs"
},
"discovery_date": "2017-10-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1506612"
}
],
"notes": [
{
"category": "description",
"text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-15095"
},
{
"category": "external",
"summary": "RHBZ#1506612",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-15095",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15095"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3442891",
"url": "https://access.redhat.com/solutions/3442891"
}
],
"release_date": "2017-11-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:21+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1450"
},
{
"category": "workaround",
"details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
"product_ids": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)"
},
{
"acknowledgments": [
{
"names": [
"0c0c0f from 360\u89c2\u661f\u5b9e\u9a8c\u5ba4"
]
}
],
"cve": "CVE-2017-17485",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2017-12-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1528565"
}
],
"notes": [
{
"category": "description",
"text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-17485"
},
{
"category": "external",
"summary": "RHBZ#1528565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-17485",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17485"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3442891",
"url": "https://access.redhat.com/solutions/3442891"
}
],
"release_date": "2017-12-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:21+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1450"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)"
},
{
"cve": "CVE-2018-1304",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2018-02-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1548289"
}
],
"notes": [
{
"category": "description",
"text": "The URL pattern of \"\" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1304"
},
{
"category": "external",
"summary": "RHBZ#1548289",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548289"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1304",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1304"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1304",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1304"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28"
}
],
"release_date": "2018-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:21+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1450"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources"
},
{
"cve": "CVE-2018-7489",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2018-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1549276"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates.\n\nSatellite 6.2 does not support c3p0 classes. Since the latter are required for this flaw, therefore Satellite 6.2 is not affected. Satellite 6.3 and 6.4 are not affected because Candlepin does not use polymorphic deserialization.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-7489"
},
{
"category": "external",
"summary": "RHBZ#1549276",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549276"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-7489",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7489"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-7489",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7489"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3442891",
"url": "https://access.redhat.com/solutions/3442891"
}
],
"release_date": "2018-02-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:21+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1450"
},
{
"category": "workaround",
"details": "Advice on how to remain safe while using JAX-RS webservices on JBoss EAP 7.x is available here:\n\nhttps://access.redhat.com/solutions/3279231\nhttps://github.com/FasterXML/jackson-docs/wiki/JacksonPolymorphicDeserialization\n\nGeneral Mitigation: \nTry to avoid \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries"
},
{
"acknowledgments": [
{
"names": [
"Chris McCown"
]
}
],
"cve": "CVE-2018-8088",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2018-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1548909"
}
],
"notes": [
{
"category": "description",
"text": "An XML deserialization vulnerability was discovered in slf4j\u0027s EventData, which accepts an XML serialized string and can lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Important, and is not currently planned to be addressed in future updates.\n\nThis issue did not affect the versions of Candlepin as shipped with Red Hat Satellite 6 as Candlepin uses slf4j-api and not the affected slf4j-ext (which is not on the Candlepin classpath).\n\nRed Hat Enterprise Virtualization Manager 4.1 is affected by this issue. Updated packages that address this issue are available through the Red Hat Enterprise Linux Server channels. Virtualization Manager hosts should be subscribed to these channels and obtain the updates via `yum update`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-8088"
},
{
"category": "external",
"summary": "RHBZ#1548909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548909"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8088"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-8088",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8088"
}
],
"release_date": "2018-02-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:21+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1450"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution"
}
]
}
RHSA-2018_1447
Vulnerability from csaf_redhat - Published: 2018-05-14 20:15 - Updated: 2024-12-08 10:57Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update
Notes
Topic
Updated packages that provide Red Hat JBoss Enterprise Application Platform
6.4.20, fixes several bugs, and adds various enhancements are now available from the Red Hat Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java
applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)
* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)
* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)
* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)
* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)
* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated packages that provide Red Hat JBoss Enterprise Application Platform\n6.4.20, fixes several bugs, and adds various enhancements are now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform is a platform for Java\napplications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)\n\n* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)\n\n* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)\n\n* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)\n\n* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360\u89c2\u661f\u5b9e\u9a8c\u5ba4 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:1447",
"url": "https://access.redhat.com/errata/RHSA-2018:1447"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=6.4",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=6.4"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4"
},
{
"category": "external",
"summary": "1379207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1379207"
},
{
"category": "external",
"summary": "1454783",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1454783"
},
{
"category": "external",
"summary": "1506612",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612"
},
{
"category": "external",
"summary": "1528565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565"
},
{
"category": "external",
"summary": "1548289",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548289"
},
{
"category": "external",
"summary": "1548909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548909"
},
{
"category": "external",
"summary": "1549276",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549276"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1447.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update",
"tracking": {
"current_release_date": "2024-12-08T10:57:34+00:00",
"generator": {
"date": "2024-12-08T10:57:34+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2018:1447",
"initial_release_date": "2018-05-14T20:15:33+00:00",
"revision_history": [
{
"date": "2018-05-14T20:15:33+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-05-14T20:15:33+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-08T10:57:34+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 6.4",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 6.4",
"product_id": "Red Hat JBoss Enterprise Application Platform 6.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6.4"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-4978",
"discovery_date": "2016-09-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1379207"
}
],
"notes": [
{
"category": "description",
"text": "It was found that use of a JMS ObjectMessage does not safely handle user supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Artemis: Deserialization of untrusted input vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-4978"
},
{
"category": "external",
"summary": "RHBZ#1379207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1379207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-4978",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4978"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-4978",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4978"
}
],
"release_date": "2016-09-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:15:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 6.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1447"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Artemis: Deserialization of untrusted input vulnerability"
},
{
"cve": "CVE-2017-3163",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2017-05-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1454783"
}
],
"notes": [
{
"category": "description",
"text": "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "solr: Directory traversal via Index Replication HTTP API",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3163"
},
{
"category": "external",
"summary": "RHBZ#1454783",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1454783"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3163",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3163"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3163",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3163"
}
],
"release_date": "2017-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:15:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 6.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1447"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "solr: Directory traversal via Index Replication HTTP API"
},
{
"acknowledgments": [
{
"names": [
"Liao Xinxi"
],
"organization": "NSFOCUS"
}
],
"cve": "CVE-2017-15095",
"cwe": {
"id": "CWE-184",
"name": "Incomplete List of Disallowed Inputs"
},
"discovery_date": "2017-10-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1506612"
}
],
"notes": [
{
"category": "description",
"text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-15095"
},
{
"category": "external",
"summary": "RHBZ#1506612",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-15095",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15095"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3442891",
"url": "https://access.redhat.com/solutions/3442891"
}
],
"release_date": "2017-11-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:15:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 6.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1447"
},
{
"category": "workaround",
"details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)"
},
{
"acknowledgments": [
{
"names": [
"0c0c0f from 360\u89c2\u661f\u5b9e\u9a8c\u5ba4"
]
}
],
"cve": "CVE-2017-17485",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2017-12-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1528565"
}
],
"notes": [
{
"category": "description",
"text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-17485"
},
{
"category": "external",
"summary": "RHBZ#1528565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-17485",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17485"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3442891",
"url": "https://access.redhat.com/solutions/3442891"
}
],
"release_date": "2017-12-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:15:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 6.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1447"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)"
},
{
"cve": "CVE-2018-1304",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2018-02-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1548289"
}
],
"notes": [
{
"category": "description",
"text": "The URL pattern of \"\" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1304"
},
{
"category": "external",
"summary": "RHBZ#1548289",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548289"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1304",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1304"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1304",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1304"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28"
}
],
"release_date": "2018-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:15:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 6.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1447"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources"
},
{
"cve": "CVE-2018-7489",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2018-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1549276"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates.\n\nSatellite 6.2 does not support c3p0 classes. Since the latter are required for this flaw, therefore Satellite 6.2 is not affected. Satellite 6.3 and 6.4 are not affected because Candlepin does not use polymorphic deserialization.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-7489"
},
{
"category": "external",
"summary": "RHBZ#1549276",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549276"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-7489",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7489"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-7489",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7489"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3442891",
"url": "https://access.redhat.com/solutions/3442891"
}
],
"release_date": "2018-02-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:15:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 6.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1447"
},
{
"category": "workaround",
"details": "Advice on how to remain safe while using JAX-RS webservices on JBoss EAP 7.x is available here:\n\nhttps://access.redhat.com/solutions/3279231\nhttps://github.com/FasterXML/jackson-docs/wiki/JacksonPolymorphicDeserialization\n\nGeneral Mitigation: \nTry to avoid \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries"
},
{
"acknowledgments": [
{
"names": [
"Chris McCown"
]
}
],
"cve": "CVE-2018-8088",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2018-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1548909"
}
],
"notes": [
{
"category": "description",
"text": "An XML deserialization vulnerability was discovered in slf4j\u0027s EventData, which accepts an XML serialized string and can lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Important, and is not currently planned to be addressed in future updates.\n\nThis issue did not affect the versions of Candlepin as shipped with Red Hat Satellite 6 as Candlepin uses slf4j-api and not the affected slf4j-ext (which is not on the Candlepin classpath).\n\nRed Hat Enterprise Virtualization Manager 4.1 is affected by this issue. Updated packages that address this issue are available through the Red Hat Enterprise Linux Server channels. Virtualization Manager hosts should be subscribed to these channels and obtain the updates via `yum update`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-8088"
},
{
"category": "external",
"summary": "RHBZ#1548909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548909"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8088"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-8088",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8088"
}
],
"release_date": "2018-02-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:15:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 6.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1447"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution"
}
]
}
RHSA-2018_1450
Vulnerability from csaf_redhat - Published: 2018-05-14 20:36 - Updated: 2024-12-08 10:57Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java
applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)
* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)
* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)
* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)
* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)
* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform is a platform for Java\napplications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)\n\n* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)\n\n* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)\n\n* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)\n\n* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360\u89c2\u661f\u5b9e\u9a8c\u5ba4 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:1450",
"url": "https://access.redhat.com/errata/RHSA-2018:1450"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4"
},
{
"category": "external",
"summary": "1379207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1379207"
},
{
"category": "external",
"summary": "1454783",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1454783"
},
{
"category": "external",
"summary": "1506612",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612"
},
{
"category": "external",
"summary": "1528565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565"
},
{
"category": "external",
"summary": "1548289",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548289"
},
{
"category": "external",
"summary": "1548909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548909"
},
{
"category": "external",
"summary": "1549276",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549276"
},
{
"category": "external",
"summary": "1559009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1559009"
},
{
"category": "external",
"summary": "1559012",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1559012"
},
{
"category": "external",
"summary": "1559017",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1559017"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1450.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update",
"tracking": {
"current_release_date": "2024-12-08T10:57:51+00:00",
"generator": {
"date": "2024-12-08T10:57:51+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2018:1450",
"initial_release_date": "2018-05-14T20:36:21+00:00",
"revision_history": [
{
"date": "2018-05-14T20:36:21+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-05-14T20:36:21+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-08T10:57:51+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jgroups@3.2.18-1.Final_redhat_1.1.ep6.el5?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossts@4.17.43-1.Final_redhat_1.1.ep6.el5?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@7.5.28-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"product": {
"name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"product_id": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hornetq@2.3.25-26.SP24_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"product": {
"name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"product_id": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/lucene-solr@3.6.2-8.redhat_9.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"product": {
"name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"product_id": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson@1.9.9-12.redhat_6.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketbox@4.1.7-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-network@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-version@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-threads@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-security@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-mail@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-web@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-naming@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-connector@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cli@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-xts@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-sar@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-logging@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-domain@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-appclient@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-standalone@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-bundles@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-core@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product": {
"name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_id": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jgroups@3.2.18-1.Final_redhat_1.1.ep6.el5?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossts@4.17.43-1.Final_redhat_1.1.ep6.el5?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@7.5.28-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"product_id": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hornetq@2.3.25-26.SP24_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"product": {
"name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"product_id": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/lucene-solr@3.6.2-8.redhat_9.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"product": {
"name": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"product_id": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson-jaxrs@1.9.9-12.redhat_6.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"product": {
"name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"product_id": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson@1.9.9-12.redhat_6.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"product": {
"name": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"product_id": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson-xc@1.9.9-12.redhat_6.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"product": {
"name": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"product_id": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson-core-asl@1.9.9-12.redhat_6.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"product": {
"name": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"product_id": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson-mapper-asl@1.9.9-12.redhat_6.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketbox@4.1.7-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-network@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-version@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-threads@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-security@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-mail@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-web@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-naming@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-connector@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cli@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-xts@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-sar@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-logging@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-domain@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-appclient@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-standalone@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-bundles@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-core@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product": {
"name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_id": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.20-1.Final_redhat_1.1.ep6.el5?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch"
},
"product_reference": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src"
},
"product_reference": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch"
},
"product_reference": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch"
},
"product_reference": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch"
},
"product_reference": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch"
},
"product_reference": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src"
},
"product_reference": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch"
},
"product_reference": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src"
},
"product_reference": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch"
},
"product_reference": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"relates_to_product_reference": "5Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
"product_id": "5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
},
"product_reference": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src",
"relates_to_product_reference": "5Server-JBEAP-6.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-4978",
"discovery_date": "2016-09-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1379207"
}
],
"notes": [
{
"category": "description",
"text": "It was found that use of a JMS ObjectMessage does not safely handle user supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Artemis: Deserialization of untrusted input vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-4978"
},
{
"category": "external",
"summary": "RHBZ#1379207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1379207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-4978",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4978"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-4978",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4978"
}
],
"release_date": "2016-09-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:21+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1450"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Artemis: Deserialization of untrusted input vulnerability"
},
{
"cve": "CVE-2017-3163",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2017-05-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1454783"
}
],
"notes": [
{
"category": "description",
"text": "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "solr: Directory traversal via Index Replication HTTP API",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3163"
},
{
"category": "external",
"summary": "RHBZ#1454783",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1454783"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3163",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3163"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3163",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3163"
}
],
"release_date": "2017-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:21+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1450"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "solr: Directory traversal via Index Replication HTTP API"
},
{
"acknowledgments": [
{
"names": [
"Liao Xinxi"
],
"organization": "NSFOCUS"
}
],
"cve": "CVE-2017-7525",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-06-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1462702"
}
],
"notes": [
{
"category": "description",
"text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231\n\nAlthough JBoss Fuse ships the vulnerable version of jackson-databind, it does not call on enableDefaultTyping() for any polymorphic deserialization operations which is the root cause of this vulnerability. We have raised a Jira tracker to ensure that jackson-databind will be upgraded for Fuse 7.0, however due to feasibility issues jackson-databind cannot be upgraded in JBoss Fuse 6.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7525"
},
{
"category": "external",
"summary": "RHBZ#1462702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7525",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7525"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525"
}
],
"release_date": "2017-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:21+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1450"
},
{
"category": "workaround",
"details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
"product_ids": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper"
},
{
"acknowledgments": [
{
"names": [
"Liao Xinxi"
],
"organization": "NSFOCUS"
}
],
"cve": "CVE-2017-15095",
"cwe": {
"id": "CWE-184",
"name": "Incomplete List of Disallowed Inputs"
},
"discovery_date": "2017-10-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1506612"
}
],
"notes": [
{
"category": "description",
"text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-15095"
},
{
"category": "external",
"summary": "RHBZ#1506612",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-15095",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15095"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3442891",
"url": "https://access.redhat.com/solutions/3442891"
}
],
"release_date": "2017-11-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:21+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1450"
},
{
"category": "workaround",
"details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
"product_ids": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)"
},
{
"acknowledgments": [
{
"names": [
"0c0c0f from 360\u89c2\u661f\u5b9e\u9a8c\u5ba4"
]
}
],
"cve": "CVE-2017-17485",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2017-12-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1528565"
}
],
"notes": [
{
"category": "description",
"text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-17485"
},
{
"category": "external",
"summary": "RHBZ#1528565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-17485",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17485"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3442891",
"url": "https://access.redhat.com/solutions/3442891"
}
],
"release_date": "2017-12-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:21+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1450"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)"
},
{
"cve": "CVE-2018-1304",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2018-02-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1548289"
}
],
"notes": [
{
"category": "description",
"text": "The URL pattern of \"\" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1304"
},
{
"category": "external",
"summary": "RHBZ#1548289",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548289"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1304",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1304"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1304",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1304"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28"
}
],
"release_date": "2018-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:21+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1450"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources"
},
{
"cve": "CVE-2018-7489",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2018-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1549276"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates.\n\nSatellite 6.2 does not support c3p0 classes. Since the latter are required for this flaw, therefore Satellite 6.2 is not affected. Satellite 6.3 and 6.4 are not affected because Candlepin does not use polymorphic deserialization.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-7489"
},
{
"category": "external",
"summary": "RHBZ#1549276",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549276"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-7489",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7489"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-7489",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7489"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3442891",
"url": "https://access.redhat.com/solutions/3442891"
}
],
"release_date": "2018-02-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:21+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1450"
},
{
"category": "workaround",
"details": "Advice on how to remain safe while using JAX-RS webservices on JBoss EAP 7.x is available here:\n\nhttps://access.redhat.com/solutions/3279231\nhttps://github.com/FasterXML/jackson-docs/wiki/JacksonPolymorphicDeserialization\n\nGeneral Mitigation: \nTry to avoid \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries"
},
{
"acknowledgments": [
{
"names": [
"Chris McCown"
]
}
],
"cve": "CVE-2018-8088",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2018-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1548909"
}
],
"notes": [
{
"category": "description",
"text": "An XML deserialization vulnerability was discovered in slf4j\u0027s EventData, which accepts an XML serialized string and can lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Important, and is not currently planned to be addressed in future updates.\n\nThis issue did not affect the versions of Candlepin as shipped with Red Hat Satellite 6 as Candlepin uses slf4j-api and not the affected slf4j-ext (which is not on the Candlepin classpath).\n\nRed Hat Enterprise Virtualization Manager 4.1 is affected by this issue. Updated packages that address this issue are available through the Red Hat Enterprise Linux Server channels. Virtualization Manager hosts should be subscribed to these channels and obtain the updates via `yum update`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-8088"
},
{
"category": "external",
"summary": "RHBZ#1548909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548909"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8088"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-8088",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8088"
}
],
"release_date": "2018-02-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:21+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1450"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5.src",
"5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5.src",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5.src",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.noarch",
"5Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution"
}
]
}
RHSA-2018:1448
Vulnerability from csaf_redhat - Published: 2018-05-14 20:36 - Updated: 2025-11-21 18:04Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)
* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)
* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)
* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)
* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)
* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)\n\n* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)\n\n* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)\n\n* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)\n\n* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360\u89c2\u661f\u5b9e\u9a8c\u5ba4 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:1448",
"url": "https://access.redhat.com/errata/RHSA-2018:1448"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4"
},
{
"category": "external",
"summary": "1379207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1379207"
},
{
"category": "external",
"summary": "1454783",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1454783"
},
{
"category": "external",
"summary": "1506612",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612"
},
{
"category": "external",
"summary": "1528565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565"
},
{
"category": "external",
"summary": "1548289",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548289"
},
{
"category": "external",
"summary": "1548909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548909"
},
{
"category": "external",
"summary": "1549276",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549276"
},
{
"category": "external",
"summary": "1559010",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1559010"
},
{
"category": "external",
"summary": "1559013",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1559013"
},
{
"category": "external",
"summary": "1559018",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1559018"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1448.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update",
"tracking": {
"current_release_date": "2025-11-21T18:04:43+00:00",
"generator": {
"date": "2025-11-21T18:04:43+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2018:1448",
"initial_release_date": "2018-05-14T20:36:07+00:00",
"revision_history": [
{
"date": "2018-05-14T20:36:07+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-05-14T20:36:07+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:04:43+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jgroups@3.2.18-1.Final_redhat_1.1.ep6.el7?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossts@4.17.43-1.Final_redhat_1.1.ep6.el7?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@7.5.28-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"product": {
"name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"product_id": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hornetq@2.3.25-26.SP24_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"product": {
"name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"product_id": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/lucene-solr@3.6.2-8.redhat_9.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"product": {
"name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"product_id": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson@1.9.9-12.redhat_6.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketbox@4.1.7-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-security@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-connector@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-web@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-network@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-naming@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-version@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-mail@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cli@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-threads@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-xts@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-logging@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-sar@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-core@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-domain@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-appclient@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-standalone@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-bundles@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jgroups@3.2.18-1.Final_redhat_1.1.ep6.el7?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossts@4.17.43-1.Final_redhat_1.1.ep6.el7?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@7.5.28-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"product_id": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hornetq@2.3.25-26.SP24_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"product": {
"name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"product_id": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/lucene-solr@3.6.2-8.redhat_9.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"product": {
"name": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"product_id": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson-core-asl@1.9.9-12.redhat_6.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"product": {
"name": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"product_id": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson-jaxrs@1.9.9-12.redhat_6.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"product": {
"name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"product_id": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson@1.9.9-12.redhat_6.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"product": {
"name": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"product_id": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson-xc@1.9.9-12.redhat_6.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"product": {
"name": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"product_id": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson-mapper-asl@1.9.9-12.redhat_6.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketbox@4.1.7-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-security@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-connector@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-web@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-network@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-naming@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-version@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-mail@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cli@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-threads@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-xts@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-logging@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-sar@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-core@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-domain@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-appclient@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-standalone@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-bundles@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch"
},
"product_reference": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src"
},
"product_reference": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch"
},
"product_reference": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch"
},
"product_reference": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch"
},
"product_reference": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch"
},
"product_reference": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src"
},
"product_reference": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch"
},
"product_reference": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src"
},
"product_reference": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-4978",
"discovery_date": "2016-09-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1379207"
}
],
"notes": [
{
"category": "description",
"text": "It was found that use of a JMS ObjectMessage does not safely handle user supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Artemis: Deserialization of untrusted input vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-4978"
},
{
"category": "external",
"summary": "RHBZ#1379207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1379207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-4978",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4978"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-4978",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4978"
}
],
"release_date": "2016-09-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:07+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1448"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Artemis: Deserialization of untrusted input vulnerability"
},
{
"cve": "CVE-2017-3163",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2017-05-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1454783"
}
],
"notes": [
{
"category": "description",
"text": "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "solr: Directory traversal via Index Replication HTTP API",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3163"
},
{
"category": "external",
"summary": "RHBZ#1454783",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1454783"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3163",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3163"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3163",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3163"
}
],
"release_date": "2017-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:07+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1448"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "solr: Directory traversal via Index Replication HTTP API"
},
{
"acknowledgments": [
{
"names": [
"Liao Xinxi"
],
"organization": "NSFOCUS"
}
],
"cve": "CVE-2017-15095",
"cwe": {
"id": "CWE-184",
"name": "Incomplete List of Disallowed Inputs"
},
"discovery_date": "2017-10-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1506612"
}
],
"notes": [
{
"category": "description",
"text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-15095"
},
{
"category": "external",
"summary": "RHBZ#1506612",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-15095",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15095"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3442891",
"url": "https://access.redhat.com/solutions/3442891"
}
],
"release_date": "2017-11-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:07+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1448"
},
{
"category": "workaround",
"details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
"product_ids": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)"
},
{
"acknowledgments": [
{
"names": [
"0c0c0f from 360\u89c2\u661f\u5b9e\u9a8c\u5ba4"
]
}
],
"cve": "CVE-2017-17485",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2017-12-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1528565"
}
],
"notes": [
{
"category": "description",
"text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-17485"
},
{
"category": "external",
"summary": "RHBZ#1528565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-17485",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17485"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3442891",
"url": "https://access.redhat.com/solutions/3442891"
}
],
"release_date": "2017-12-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:07+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1448"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)"
},
{
"cve": "CVE-2018-1304",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2018-02-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1548289"
}
],
"notes": [
{
"category": "description",
"text": "The URL pattern of \"\" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1304"
},
{
"category": "external",
"summary": "RHBZ#1548289",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548289"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1304",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1304"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1304",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1304"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28"
}
],
"release_date": "2018-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:07+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1448"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources"
},
{
"cve": "CVE-2018-7489",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2018-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1549276"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates.\n\nSatellite 6.2 does not support c3p0 classes. Since the latter are required for this flaw, therefore Satellite 6.2 is not affected. Satellite 6.3 and 6.4 are not affected because Candlepin does not use polymorphic deserialization.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-7489"
},
{
"category": "external",
"summary": "RHBZ#1549276",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549276"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-7489",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7489"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-7489",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7489"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3442891",
"url": "https://access.redhat.com/solutions/3442891"
}
],
"release_date": "2018-02-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:07+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1448"
},
{
"category": "workaround",
"details": "Advice on how to remain safe while using JAX-RS webservices on JBoss EAP 7.x is available here:\n\nhttps://access.redhat.com/solutions/3279231\nhttps://github.com/FasterXML/jackson-docs/wiki/JacksonPolymorphicDeserialization\n\nGeneral Mitigation: \nTry to avoid \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries"
},
{
"acknowledgments": [
{
"names": [
"Chris McCown"
]
}
],
"cve": "CVE-2018-8088",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2018-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1548909"
}
],
"notes": [
{
"category": "description",
"text": "An XML deserialization vulnerability was discovered in slf4j\u0027s EventData, which accepts an XML serialized string and can lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Important, and is not currently planned to be addressed in future updates.\n\nThis issue did not affect the versions of Candlepin as shipped with Red Hat Satellite 6 as Candlepin uses slf4j-api and not the affected slf4j-ext (which is not on the Candlepin classpath).\n\nRed Hat Enterprise Virtualization Manager 4.1 is affected by this issue. Updated packages that address this issue are available through the Red Hat Enterprise Linux Server channels. Virtualization Manager hosts should be subscribed to these channels and obtain the updates via `yum update`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-8088"
},
{
"category": "external",
"summary": "RHBZ#1548909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548909"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8088"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-8088",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8088"
}
],
"release_date": "2018-02-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:07+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1448"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution"
}
]
}
RHSA-2018_1448
Vulnerability from csaf_redhat - Published: 2018-05-14 20:36 - Updated: 2024-12-08 10:57Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)
* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)
* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)
* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)
* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)
* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)\n\n* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)\n\n* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)\n\n* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)\n\n* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360\u89c2\u661f\u5b9e\u9a8c\u5ba4 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:1448",
"url": "https://access.redhat.com/errata/RHSA-2018:1448"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4"
},
{
"category": "external",
"summary": "1379207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1379207"
},
{
"category": "external",
"summary": "1454783",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1454783"
},
{
"category": "external",
"summary": "1506612",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612"
},
{
"category": "external",
"summary": "1528565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565"
},
{
"category": "external",
"summary": "1548289",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548289"
},
{
"category": "external",
"summary": "1548909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548909"
},
{
"category": "external",
"summary": "1549276",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549276"
},
{
"category": "external",
"summary": "1559010",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1559010"
},
{
"category": "external",
"summary": "1559013",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1559013"
},
{
"category": "external",
"summary": "1559018",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1559018"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1448.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update",
"tracking": {
"current_release_date": "2024-12-08T10:57:22+00:00",
"generator": {
"date": "2024-12-08T10:57:22+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2018:1448",
"initial_release_date": "2018-05-14T20:36:07+00:00",
"revision_history": [
{
"date": "2018-05-14T20:36:07+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-05-14T20:36:07+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-08T10:57:22+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jgroups@3.2.18-1.Final_redhat_1.1.ep6.el7?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossts@4.17.43-1.Final_redhat_1.1.ep6.el7?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@7.5.28-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"product": {
"name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"product_id": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hornetq@2.3.25-26.SP24_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"product": {
"name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"product_id": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/lucene-solr@3.6.2-8.redhat_9.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"product": {
"name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"product_id": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson@1.9.9-12.redhat_6.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketbox@4.1.7-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-security@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-connector@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-web@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-network@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-naming@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-version@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-mail@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cli@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-threads@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-xts@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-logging@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-sar@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-core@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-domain@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-appclient@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-standalone@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-bundles@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product": {
"name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_id": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jgroups@3.2.18-1.Final_redhat_1.1.ep6.el7?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossts@4.17.43-1.Final_redhat_1.1.ep6.el7?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@7.5.28-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"product_id": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hornetq@2.3.25-26.SP24_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"product": {
"name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"product_id": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/lucene-solr@3.6.2-8.redhat_9.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"product": {
"name": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"product_id": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson-core-asl@1.9.9-12.redhat_6.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"product": {
"name": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"product_id": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson-jaxrs@1.9.9-12.redhat_6.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"product": {
"name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"product_id": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson@1.9.9-12.redhat_6.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"product": {
"name": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"product_id": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson-xc@1.9.9-12.redhat_6.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"product": {
"name": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"product_id": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson-mapper-asl@1.9.9-12.redhat_6.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketbox@4.1.7-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-security@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-connector@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-web@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-network@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-naming@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-version@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-mail@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cli@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-threads@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-xts@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-logging@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-sar@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-core@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-domain@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-appclient@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-standalone@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-bundles@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product": {
"name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_id": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.20-1.Final_redhat_1.1.ep6.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch"
},
"product_reference": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src"
},
"product_reference": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch"
},
"product_reference": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch"
},
"product_reference": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch"
},
"product_reference": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch"
},
"product_reference": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src"
},
"product_reference": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch"
},
"product_reference": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src"
},
"product_reference": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch"
},
"product_reference": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"relates_to_product_reference": "7Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
"product_id": "7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
},
"product_reference": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src",
"relates_to_product_reference": "7Server-JBEAP-6.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-4978",
"discovery_date": "2016-09-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1379207"
}
],
"notes": [
{
"category": "description",
"text": "It was found that use of a JMS ObjectMessage does not safely handle user supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Artemis: Deserialization of untrusted input vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-4978"
},
{
"category": "external",
"summary": "RHBZ#1379207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1379207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-4978",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4978"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-4978",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4978"
}
],
"release_date": "2016-09-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:07+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1448"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Artemis: Deserialization of untrusted input vulnerability"
},
{
"cve": "CVE-2017-3163",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2017-05-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1454783"
}
],
"notes": [
{
"category": "description",
"text": "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "solr: Directory traversal via Index Replication HTTP API",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3163"
},
{
"category": "external",
"summary": "RHBZ#1454783",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1454783"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3163",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3163"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3163",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3163"
}
],
"release_date": "2017-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:07+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1448"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "solr: Directory traversal via Index Replication HTTP API"
},
{
"acknowledgments": [
{
"names": [
"Liao Xinxi"
],
"organization": "NSFOCUS"
}
],
"cve": "CVE-2017-15095",
"cwe": {
"id": "CWE-184",
"name": "Incomplete List of Disallowed Inputs"
},
"discovery_date": "2017-10-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1506612"
}
],
"notes": [
{
"category": "description",
"text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-15095"
},
{
"category": "external",
"summary": "RHBZ#1506612",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-15095",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15095"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3442891",
"url": "https://access.redhat.com/solutions/3442891"
}
],
"release_date": "2017-11-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:07+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1448"
},
{
"category": "workaround",
"details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
"product_ids": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)"
},
{
"acknowledgments": [
{
"names": [
"0c0c0f from 360\u89c2\u661f\u5b9e\u9a8c\u5ba4"
]
}
],
"cve": "CVE-2017-17485",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2017-12-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1528565"
}
],
"notes": [
{
"category": "description",
"text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-17485"
},
{
"category": "external",
"summary": "RHBZ#1528565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-17485",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17485"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3442891",
"url": "https://access.redhat.com/solutions/3442891"
}
],
"release_date": "2017-12-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:07+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1448"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)"
},
{
"cve": "CVE-2018-1304",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2018-02-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1548289"
}
],
"notes": [
{
"category": "description",
"text": "The URL pattern of \"\" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1304"
},
{
"category": "external",
"summary": "RHBZ#1548289",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548289"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1304",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1304"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1304",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1304"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28"
}
],
"release_date": "2018-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:07+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1448"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources"
},
{
"cve": "CVE-2018-7489",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2018-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1549276"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates.\n\nSatellite 6.2 does not support c3p0 classes. Since the latter are required for this flaw, therefore Satellite 6.2 is not affected. Satellite 6.3 and 6.4 are not affected because Candlepin does not use polymorphic deserialization.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-7489"
},
{
"category": "external",
"summary": "RHBZ#1549276",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549276"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-7489",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7489"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-7489",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7489"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3442891",
"url": "https://access.redhat.com/solutions/3442891"
}
],
"release_date": "2018-02-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:07+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1448"
},
{
"category": "workaround",
"details": "Advice on how to remain safe while using JAX-RS webservices on JBoss EAP 7.x is available here:\n\nhttps://access.redhat.com/solutions/3279231\nhttps://github.com/FasterXML/jackson-docs/wiki/JacksonPolymorphicDeserialization\n\nGeneral Mitigation: \nTry to avoid \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries"
},
{
"acknowledgments": [
{
"names": [
"Chris McCown"
]
}
],
"cve": "CVE-2018-8088",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2018-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1548909"
}
],
"notes": [
{
"category": "description",
"text": "An XML deserialization vulnerability was discovered in slf4j\u0027s EventData, which accepts an XML serialized string and can lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Important, and is not currently planned to be addressed in future updates.\n\nThis issue did not affect the versions of Candlepin as shipped with Red Hat Satellite 6 as Candlepin uses slf4j-api and not the affected slf4j-ext (which is not on the Candlepin classpath).\n\nRed Hat Enterprise Virtualization Manager 4.1 is affected by this issue. Updated packages that address this issue are available through the Red Hat Enterprise Linux Server channels. Virtualization Manager hosts should be subscribed to these channels and obtain the updates via `yum update`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-8088"
},
{
"category": "external",
"summary": "RHBZ#1548909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548909"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8088"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-8088",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8088"
}
],
"release_date": "2018-02-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:07+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1448"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7.src",
"7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7.src",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7.src",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.noarch",
"7Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution"
}
]
}
RHSA-2018_1451
Vulnerability from csaf_redhat - Published: 2018-05-14 20:51 - Updated: 2024-12-08 10:58Summary
Red Hat Security Advisory: eap6-jboss-ec2-eap security update
Notes
Topic
An update for jboss-ec2-eap is now available for Red Hat JBoss Enterprise
Application Platform 6.4 for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise
Application Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2).
With this update, the jboss-ec2-eap package has been updated to ensure
compatibility with Red Hat JBoss Enterprise Application Platform 6.4.19.
Security Fix(es):
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)
* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)
* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)
* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)
* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)
* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for jboss-ec2-eap is now available for Red Hat JBoss Enterprise\nApplication Platform 6.4 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise\nApplication Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2).\n\nWith this update, the jboss-ec2-eap package has been updated to ensure\ncompatibility with Red Hat JBoss Enterprise Application Platform 6.4.19.\n\nSecurity Fix(es):\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)\n\n* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)\n\n* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)\n\n* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)\n\n* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360\u89c2\u661f\u5b9e\u9a8c\u5ba4 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:1451",
"url": "https://access.redhat.com/errata/RHSA-2018:1451"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4"
},
{
"category": "external",
"summary": "1379207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1379207"
},
{
"category": "external",
"summary": "1454783",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1454783"
},
{
"category": "external",
"summary": "1506612",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612"
},
{
"category": "external",
"summary": "1528565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565"
},
{
"category": "external",
"summary": "1548289",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548289"
},
{
"category": "external",
"summary": "1548909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548909"
},
{
"category": "external",
"summary": "1549276",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549276"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1451.json"
}
],
"title": "Red Hat Security Advisory: eap6-jboss-ec2-eap security update",
"tracking": {
"current_release_date": "2024-12-08T10:58:05+00:00",
"generator": {
"date": "2024-12-08T10:58:05+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2018:1451",
"initial_release_date": "2018-05-14T20:51:07+00:00",
"revision_history": [
{
"date": "2018-05-14T20:51:07+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-05-14T20:51:07+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-08T10:58:05+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"product": {
"name": "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"product_id": "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-ec2-eap@7.5.20-1.Final_redhat_1.ep6.el6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"product": {
"name": "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"product_id": "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-ec2-eap@7.5.20-1.Final_redhat_1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"product": {
"name": "jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"product_id": "jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-ec2-eap-samples@7.5.20-1.Final_redhat_1.ep6.el6?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
},
"product_reference": "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src"
},
"product_reference": "jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
},
"product_reference": "jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-4978",
"discovery_date": "2016-09-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1379207"
}
],
"notes": [
{
"category": "description",
"text": "It was found that use of a JMS ObjectMessage does not safely handle user supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Artemis: Deserialization of untrusted input vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-4978"
},
{
"category": "external",
"summary": "RHBZ#1379207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1379207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-4978",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4978"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-4978",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4978"
}
],
"release_date": "2016-09-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:51:07+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1451"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Artemis: Deserialization of untrusted input vulnerability"
},
{
"cve": "CVE-2017-3163",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2017-05-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1454783"
}
],
"notes": [
{
"category": "description",
"text": "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "solr: Directory traversal via Index Replication HTTP API",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3163"
},
{
"category": "external",
"summary": "RHBZ#1454783",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1454783"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3163",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3163"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3163",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3163"
}
],
"release_date": "2017-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:51:07+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1451"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "solr: Directory traversal via Index Replication HTTP API"
},
{
"acknowledgments": [
{
"names": [
"Liao Xinxi"
],
"organization": "NSFOCUS"
}
],
"cve": "CVE-2017-15095",
"cwe": {
"id": "CWE-184",
"name": "Incomplete List of Disallowed Inputs"
},
"discovery_date": "2017-10-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1506612"
}
],
"notes": [
{
"category": "description",
"text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-15095"
},
{
"category": "external",
"summary": "RHBZ#1506612",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-15095",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15095"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3442891",
"url": "https://access.redhat.com/solutions/3442891"
}
],
"release_date": "2017-11-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:51:07+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1451"
},
{
"category": "workaround",
"details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
"product_ids": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)"
},
{
"acknowledgments": [
{
"names": [
"0c0c0f from 360\u89c2\u661f\u5b9e\u9a8c\u5ba4"
]
}
],
"cve": "CVE-2017-17485",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2017-12-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1528565"
}
],
"notes": [
{
"category": "description",
"text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-17485"
},
{
"category": "external",
"summary": "RHBZ#1528565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-17485",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17485"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3442891",
"url": "https://access.redhat.com/solutions/3442891"
}
],
"release_date": "2017-12-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:51:07+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1451"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)"
},
{
"cve": "CVE-2018-1304",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2018-02-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1548289"
}
],
"notes": [
{
"category": "description",
"text": "The URL pattern of \"\" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1304"
},
{
"category": "external",
"summary": "RHBZ#1548289",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548289"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1304",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1304"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1304",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1304"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28"
}
],
"release_date": "2018-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:51:07+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1451"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources"
},
{
"cve": "CVE-2018-7489",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2018-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1549276"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates.\n\nSatellite 6.2 does not support c3p0 classes. Since the latter are required for this flaw, therefore Satellite 6.2 is not affected. Satellite 6.3 and 6.4 are not affected because Candlepin does not use polymorphic deserialization.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-7489"
},
{
"category": "external",
"summary": "RHBZ#1549276",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549276"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-7489",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7489"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-7489",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7489"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3442891",
"url": "https://access.redhat.com/solutions/3442891"
}
],
"release_date": "2018-02-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:51:07+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1451"
},
{
"category": "workaround",
"details": "Advice on how to remain safe while using JAX-RS webservices on JBoss EAP 7.x is available here:\n\nhttps://access.redhat.com/solutions/3279231\nhttps://github.com/FasterXML/jackson-docs/wiki/JacksonPolymorphicDeserialization\n\nGeneral Mitigation: \nTry to avoid \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries"
},
{
"acknowledgments": [
{
"names": [
"Chris McCown"
]
}
],
"cve": "CVE-2018-8088",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2018-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1548909"
}
],
"notes": [
{
"category": "description",
"text": "An XML deserialization vulnerability was discovered in slf4j\u0027s EventData, which accepts an XML serialized string and can lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Important, and is not currently planned to be addressed in future updates.\n\nThis issue did not affect the versions of Candlepin as shipped with Red Hat Satellite 6 as Candlepin uses slf4j-api and not the affected slf4j-ext (which is not on the Candlepin classpath).\n\nRed Hat Enterprise Virtualization Manager 4.1 is affected by this issue. Updated packages that address this issue are available through the Red Hat Enterprise Linux Server channels. Virtualization Manager hosts should be subscribed to these channels and obtain the updates via `yum update`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-8088"
},
{
"category": "external",
"summary": "RHBZ#1548909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548909"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8088"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-8088",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8088"
}
],
"release_date": "2018-02-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:51:07+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1451"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.20-1.Final_redhat_1.ep6.el6.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution"
}
]
}
RHSA-2018:1449
Vulnerability from csaf_redhat - Published: 2018-05-14 20:36 - Updated: 2025-11-21 18:04Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)
* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)
* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)
* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)
* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)
* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)\n\n* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)\n\n* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)\n\n* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)\n\n* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360\u89c2\u661f\u5b9e\u9a8c\u5ba4 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:1449",
"url": "https://access.redhat.com/errata/RHSA-2018:1449"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4"
},
{
"category": "external",
"summary": "1379207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1379207"
},
{
"category": "external",
"summary": "1454783",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1454783"
},
{
"category": "external",
"summary": "1506612",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612"
},
{
"category": "external",
"summary": "1528565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565"
},
{
"category": "external",
"summary": "1548289",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548289"
},
{
"category": "external",
"summary": "1548909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548909"
},
{
"category": "external",
"summary": "1549276",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549276"
},
{
"category": "external",
"summary": "1559008",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1559008"
},
{
"category": "external",
"summary": "1559011",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1559011"
},
{
"category": "external",
"summary": "1559016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1559016"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1449.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update",
"tracking": {
"current_release_date": "2025-11-21T18:04:43+00:00",
"generator": {
"date": "2025-11-21T18:04:43+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2018:1449",
"initial_release_date": "2018-05-14T20:36:31+00:00",
"revision_history": [
{
"date": "2018-05-14T20:36:31+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-05-14T20:36:31+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:04:43+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jgroups@3.2.18-1.Final_redhat_1.1.ep6.el6?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossts@4.17.43-1.Final_redhat_1.1.ep6.el6?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@7.5.28-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"product": {
"name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"product_id": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hornetq@2.3.25-26.SP24_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"product": {
"name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"product_id": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/lucene-solr@3.6.2-8.redhat_9.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"product": {
"name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"product_id": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson@1.9.9-12.redhat_6.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketbox@4.1.7-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-web@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cli@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-security@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-network@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-threads@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-mail@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-naming@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-logging@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-connector@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-sar@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-version@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-xts@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-standalone@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-appclient@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-domain@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-bundles@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-core@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jgroups@3.2.18-1.Final_redhat_1.1.ep6.el6?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossts@4.17.43-1.Final_redhat_1.1.ep6.el6?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@7.5.28-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"product_id": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hornetq@2.3.25-26.SP24_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"product": {
"name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"product_id": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/lucene-solr@3.6.2-8.redhat_9.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"product": {
"name": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"product_id": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson-core-asl@1.9.9-12.redhat_6.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"product": {
"name": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"product_id": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson-mapper-asl@1.9.9-12.redhat_6.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"product": {
"name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"product_id": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson@1.9.9-12.redhat_6.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"product": {
"name": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"product_id": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson-jaxrs@1.9.9-12.redhat_6.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"product": {
"name": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"product_id": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson-xc@1.9.9-12.redhat_6.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketbox@4.1.7-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-web@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cli@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-security@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-network@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-threads@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-mail@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-naming@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-logging@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-connector@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-sar@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-version@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-xts@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-standalone@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-appclient@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-domain@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-bundles@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-core@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch"
},
"product_reference": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src"
},
"product_reference": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch"
},
"product_reference": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch"
},
"product_reference": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch"
},
"product_reference": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch"
},
"product_reference": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src"
},
"product_reference": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch"
},
"product_reference": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src"
},
"product_reference": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-4978",
"discovery_date": "2016-09-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1379207"
}
],
"notes": [
{
"category": "description",
"text": "It was found that use of a JMS ObjectMessage does not safely handle user supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Artemis: Deserialization of untrusted input vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-4978"
},
{
"category": "external",
"summary": "RHBZ#1379207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1379207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-4978",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4978"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-4978",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4978"
}
],
"release_date": "2016-09-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1449"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Artemis: Deserialization of untrusted input vulnerability"
},
{
"cve": "CVE-2017-3163",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2017-05-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1454783"
}
],
"notes": [
{
"category": "description",
"text": "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "solr: Directory traversal via Index Replication HTTP API",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3163"
},
{
"category": "external",
"summary": "RHBZ#1454783",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1454783"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3163",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3163"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3163",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3163"
}
],
"release_date": "2017-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1449"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "solr: Directory traversal via Index Replication HTTP API"
},
{
"acknowledgments": [
{
"names": [
"Liao Xinxi"
],
"organization": "NSFOCUS"
}
],
"cve": "CVE-2017-7525",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-06-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1462702"
}
],
"notes": [
{
"category": "description",
"text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231\n\nAlthough JBoss Fuse ships the vulnerable version of jackson-databind, it does not call on enableDefaultTyping() for any polymorphic deserialization operations which is the root cause of this vulnerability. We have raised a Jira tracker to ensure that jackson-databind will be upgraded for Fuse 7.0, however due to feasibility issues jackson-databind cannot be upgraded in JBoss Fuse 6.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7525"
},
{
"category": "external",
"summary": "RHBZ#1462702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7525",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7525"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525"
}
],
"release_date": "2017-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1449"
},
{
"category": "workaround",
"details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
"product_ids": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper"
},
{
"acknowledgments": [
{
"names": [
"Liao Xinxi"
],
"organization": "NSFOCUS"
}
],
"cve": "CVE-2017-15095",
"cwe": {
"id": "CWE-184",
"name": "Incomplete List of Disallowed Inputs"
},
"discovery_date": "2017-10-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1506612"
}
],
"notes": [
{
"category": "description",
"text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-15095"
},
{
"category": "external",
"summary": "RHBZ#1506612",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-15095",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15095"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3442891",
"url": "https://access.redhat.com/solutions/3442891"
}
],
"release_date": "2017-11-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1449"
},
{
"category": "workaround",
"details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
"product_ids": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)"
},
{
"acknowledgments": [
{
"names": [
"0c0c0f from 360\u89c2\u661f\u5b9e\u9a8c\u5ba4"
]
}
],
"cve": "CVE-2017-17485",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2017-12-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1528565"
}
],
"notes": [
{
"category": "description",
"text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-17485"
},
{
"category": "external",
"summary": "RHBZ#1528565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-17485",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17485"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3442891",
"url": "https://access.redhat.com/solutions/3442891"
}
],
"release_date": "2017-12-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1449"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)"
},
{
"cve": "CVE-2018-1304",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2018-02-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1548289"
}
],
"notes": [
{
"category": "description",
"text": "The URL pattern of \"\" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1304"
},
{
"category": "external",
"summary": "RHBZ#1548289",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548289"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1304",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1304"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1304",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1304"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28"
}
],
"release_date": "2018-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1449"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources"
},
{
"cve": "CVE-2018-7489",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2018-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1549276"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates.\n\nSatellite 6.2 does not support c3p0 classes. Since the latter are required for this flaw, therefore Satellite 6.2 is not affected. Satellite 6.3 and 6.4 are not affected because Candlepin does not use polymorphic deserialization.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-7489"
},
{
"category": "external",
"summary": "RHBZ#1549276",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549276"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-7489",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7489"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-7489",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7489"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3442891",
"url": "https://access.redhat.com/solutions/3442891"
}
],
"release_date": "2018-02-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1449"
},
{
"category": "workaround",
"details": "Advice on how to remain safe while using JAX-RS webservices on JBoss EAP 7.x is available here:\n\nhttps://access.redhat.com/solutions/3279231\nhttps://github.com/FasterXML/jackson-docs/wiki/JacksonPolymorphicDeserialization\n\nGeneral Mitigation: \nTry to avoid \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries"
},
{
"acknowledgments": [
{
"names": [
"Chris McCown"
]
}
],
"cve": "CVE-2018-8088",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2018-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1548909"
}
],
"notes": [
{
"category": "description",
"text": "An XML deserialization vulnerability was discovered in slf4j\u0027s EventData, which accepts an XML serialized string and can lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Important, and is not currently planned to be addressed in future updates.\n\nThis issue did not affect the versions of Candlepin as shipped with Red Hat Satellite 6 as Candlepin uses slf4j-api and not the affected slf4j-ext (which is not on the Candlepin classpath).\n\nRed Hat Enterprise Virtualization Manager 4.1 is affected by this issue. Updated packages that address this issue are available through the Red Hat Enterprise Linux Server channels. Virtualization Manager hosts should be subscribed to these channels and obtain the updates via `yum update`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-8088"
},
{
"category": "external",
"summary": "RHBZ#1548909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548909"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8088"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-8088",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8088"
}
],
"release_date": "2018-02-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1449"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution"
}
]
}
RHSA-2018:1447
Vulnerability from csaf_redhat - Published: 2018-05-14 20:15 - Updated: 2025-11-21 18:04Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update
Notes
Topic
Updated packages that provide Red Hat JBoss Enterprise Application Platform
6.4.20, fixes several bugs, and adds various enhancements are now available from the Red Hat Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java
applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)
* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)
* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)
* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)
* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)
* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated packages that provide Red Hat JBoss Enterprise Application Platform\n6.4.20, fixes several bugs, and adds various enhancements are now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform is a platform for Java\napplications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)\n\n* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)\n\n* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)\n\n* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)\n\n* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360\u89c2\u661f\u5b9e\u9a8c\u5ba4 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:1447",
"url": "https://access.redhat.com/errata/RHSA-2018:1447"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=6.4",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=6.4"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4"
},
{
"category": "external",
"summary": "1379207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1379207"
},
{
"category": "external",
"summary": "1454783",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1454783"
},
{
"category": "external",
"summary": "1506612",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612"
},
{
"category": "external",
"summary": "1528565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565"
},
{
"category": "external",
"summary": "1548289",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548289"
},
{
"category": "external",
"summary": "1548909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548909"
},
{
"category": "external",
"summary": "1549276",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549276"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1447.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update",
"tracking": {
"current_release_date": "2025-11-21T18:04:42+00:00",
"generator": {
"date": "2025-11-21T18:04:42+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2018:1447",
"initial_release_date": "2018-05-14T20:15:33+00:00",
"revision_history": [
{
"date": "2018-05-14T20:15:33+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-05-14T20:15:33+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:04:42+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 6.4",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 6.4",
"product_id": "Red Hat JBoss Enterprise Application Platform 6.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6.4"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-4978",
"discovery_date": "2016-09-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1379207"
}
],
"notes": [
{
"category": "description",
"text": "It was found that use of a JMS ObjectMessage does not safely handle user supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Artemis: Deserialization of untrusted input vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-4978"
},
{
"category": "external",
"summary": "RHBZ#1379207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1379207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-4978",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4978"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-4978",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4978"
}
],
"release_date": "2016-09-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:15:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 6.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1447"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Artemis: Deserialization of untrusted input vulnerability"
},
{
"cve": "CVE-2017-3163",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2017-05-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1454783"
}
],
"notes": [
{
"category": "description",
"text": "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "solr: Directory traversal via Index Replication HTTP API",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3163"
},
{
"category": "external",
"summary": "RHBZ#1454783",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1454783"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3163",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3163"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3163",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3163"
}
],
"release_date": "2017-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:15:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 6.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1447"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "solr: Directory traversal via Index Replication HTTP API"
},
{
"acknowledgments": [
{
"names": [
"Liao Xinxi"
],
"organization": "NSFOCUS"
}
],
"cve": "CVE-2017-15095",
"cwe": {
"id": "CWE-184",
"name": "Incomplete List of Disallowed Inputs"
},
"discovery_date": "2017-10-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1506612"
}
],
"notes": [
{
"category": "description",
"text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-15095"
},
{
"category": "external",
"summary": "RHBZ#1506612",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-15095",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15095"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3442891",
"url": "https://access.redhat.com/solutions/3442891"
}
],
"release_date": "2017-11-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:15:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 6.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1447"
},
{
"category": "workaround",
"details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)"
},
{
"acknowledgments": [
{
"names": [
"0c0c0f from 360\u89c2\u661f\u5b9e\u9a8c\u5ba4"
]
}
],
"cve": "CVE-2017-17485",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2017-12-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1528565"
}
],
"notes": [
{
"category": "description",
"text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-17485"
},
{
"category": "external",
"summary": "RHBZ#1528565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-17485",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17485"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3442891",
"url": "https://access.redhat.com/solutions/3442891"
}
],
"release_date": "2017-12-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:15:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 6.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1447"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)"
},
{
"cve": "CVE-2018-1304",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2018-02-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1548289"
}
],
"notes": [
{
"category": "description",
"text": "The URL pattern of \"\" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1304"
},
{
"category": "external",
"summary": "RHBZ#1548289",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548289"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1304",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1304"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1304",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1304"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28"
}
],
"release_date": "2018-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:15:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 6.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1447"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources"
},
{
"cve": "CVE-2018-7489",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2018-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1549276"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates.\n\nSatellite 6.2 does not support c3p0 classes. Since the latter are required for this flaw, therefore Satellite 6.2 is not affected. Satellite 6.3 and 6.4 are not affected because Candlepin does not use polymorphic deserialization.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-7489"
},
{
"category": "external",
"summary": "RHBZ#1549276",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549276"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-7489",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7489"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-7489",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7489"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3442891",
"url": "https://access.redhat.com/solutions/3442891"
}
],
"release_date": "2018-02-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:15:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 6.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1447"
},
{
"category": "workaround",
"details": "Advice on how to remain safe while using JAX-RS webservices on JBoss EAP 7.x is available here:\n\nhttps://access.redhat.com/solutions/3279231\nhttps://github.com/FasterXML/jackson-docs/wiki/JacksonPolymorphicDeserialization\n\nGeneral Mitigation: \nTry to avoid \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries"
},
{
"acknowledgments": [
{
"names": [
"Chris McCown"
]
}
],
"cve": "CVE-2018-8088",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2018-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1548909"
}
],
"notes": [
{
"category": "description",
"text": "An XML deserialization vulnerability was discovered in slf4j\u0027s EventData, which accepts an XML serialized string and can lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Important, and is not currently planned to be addressed in future updates.\n\nThis issue did not affect the versions of Candlepin as shipped with Red Hat Satellite 6 as Candlepin uses slf4j-api and not the affected slf4j-ext (which is not on the Candlepin classpath).\n\nRed Hat Enterprise Virtualization Manager 4.1 is affected by this issue. Updated packages that address this issue are available through the Red Hat Enterprise Linux Server channels. Virtualization Manager hosts should be subscribed to these channels and obtain the updates via `yum update`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-8088"
},
{
"category": "external",
"summary": "RHBZ#1548909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548909"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8088"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-8088",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8088"
}
],
"release_date": "2018-02-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:15:33+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform 6.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1447"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform 6.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution"
}
]
}
RHSA-2018_1449
Vulnerability from csaf_redhat - Published: 2018-05-14 20:36 - Updated: 2024-12-08 10:57Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.
This release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)
* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)
* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)
* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)
* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)
* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Red Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360观星实验室 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)\n\n* slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (CVE-2018-8088)\n\n* Apache ActiveMQ Artemis: Deserialization of untrusted input vulnerability (CVE-2016-4978)\n\n* solr: Directory traversal via Index Replication HTTP API (CVE-2017-3163)\n\n* tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources (CVE-2018-1304)\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-15095; 0c0c0f from 360\u89c2\u661f\u5b9e\u9a8c\u5ba4 for reporting CVE-2017-17485; and Chris McCown for reporting CVE-2018-8088.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:1449",
"url": "https://access.redhat.com/errata/RHSA-2018:1449"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/?version=6.4"
},
{
"category": "external",
"summary": "1379207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1379207"
},
{
"category": "external",
"summary": "1454783",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1454783"
},
{
"category": "external",
"summary": "1506612",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612"
},
{
"category": "external",
"summary": "1528565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565"
},
{
"category": "external",
"summary": "1548289",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548289"
},
{
"category": "external",
"summary": "1548909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548909"
},
{
"category": "external",
"summary": "1549276",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549276"
},
{
"category": "external",
"summary": "1559008",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1559008"
},
{
"category": "external",
"summary": "1559011",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1559011"
},
{
"category": "external",
"summary": "1559016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1559016"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1449.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.20 security update",
"tracking": {
"current_release_date": "2024-12-08T10:57:58+00:00",
"generator": {
"date": "2024-12-08T10:57:58+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2018:1449",
"initial_release_date": "2018-05-14T20:36:31+00:00",
"revision_history": [
{
"date": "2018-05-14T20:36:31+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-05-14T20:36:31+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-08T10:57:58+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jgroups@3.2.18-1.Final_redhat_1.1.ep6.el6?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossts@4.17.43-1.Final_redhat_1.1.ep6.el6?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@7.5.28-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"product": {
"name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"product_id": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hornetq@2.3.25-26.SP24_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"product": {
"name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"product_id": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/lucene-solr@3.6.2-8.redhat_9.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"product": {
"name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"product_id": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson@1.9.9-12.redhat_6.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketbox@4.1.7-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-web@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cli@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-security@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-network@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-threads@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-mail@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-naming@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-logging@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-connector@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-sar@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-version@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-xts@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-standalone@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-appclient@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-domain@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-bundles@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-core@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product": {
"name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_id": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jgroups@3.2.18-1.Final_redhat_1.1.ep6.el6?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossts@4.17.43-1.Final_redhat_1.1.ep6.el6?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossweb@7.5.28-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"product_id": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/hornetq@2.3.25-26.SP24_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"product": {
"name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"product_id": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/lucene-solr@3.6.2-8.redhat_9.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"product": {
"name": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"product_id": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson-core-asl@1.9.9-12.redhat_6.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"product": {
"name": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"product_id": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson-mapper-asl@1.9.9-12.redhat_6.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"product": {
"name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"product_id": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson@1.9.9-12.redhat_6.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"product": {
"name": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"product_id": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson-jaxrs@1.9.9-12.redhat_6.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"product": {
"name": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"product_id": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/codehaus-jackson-xc@1.9.9-12.redhat_6.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/picketbox@4.1.7-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-weld@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-web@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cli@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-security@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-network@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-threads@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-mail@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-server@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-naming@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-logging@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-connector@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-sar@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-version@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-ee@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jboss-as-xts@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-standalone@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-appclient@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-domain@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-bundles@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-core@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product": {
"name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_id": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.20-1.Final_redhat_1.1.ep6.el6?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch"
},
"product_reference": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src"
},
"product_reference": "codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch"
},
"product_reference": "codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch"
},
"product_reference": "codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch"
},
"product_reference": "codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch"
},
"product_reference": "codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src"
},
"product_reference": "hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch"
},
"product_reference": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src"
},
"product_reference": "lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch"
},
"product_reference": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"relates_to_product_reference": "6Server-JBEAP-6.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
"product_id": "6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
},
"product_reference": "picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src",
"relates_to_product_reference": "6Server-JBEAP-6.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-4978",
"discovery_date": "2016-09-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1379207"
}
],
"notes": [
{
"category": "description",
"text": "It was found that use of a JMS ObjectMessage does not safely handle user supplied data when deserializing objects. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Artemis: Deserialization of untrusted input vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-4978"
},
{
"category": "external",
"summary": "RHBZ#1379207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1379207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-4978",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4978"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-4978",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4978"
}
],
"release_date": "2016-09-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1449"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Artemis: Deserialization of untrusted input vulnerability"
},
{
"cve": "CVE-2017-3163",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2017-05-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1454783"
}
],
"notes": [
{
"category": "description",
"text": "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "solr: Directory traversal via Index Replication HTTP API",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3163"
},
{
"category": "external",
"summary": "RHBZ#1454783",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1454783"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3163",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3163"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3163",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3163"
}
],
"release_date": "2017-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1449"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "solr: Directory traversal via Index Replication HTTP API"
},
{
"acknowledgments": [
{
"names": [
"Liao Xinxi"
],
"organization": "NSFOCUS"
}
],
"cve": "CVE-2017-7525",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-06-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1462702"
}
],
"notes": [
{
"category": "description",
"text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231\n\nAlthough JBoss Fuse ships the vulnerable version of jackson-databind, it does not call on enableDefaultTyping() for any polymorphic deserialization operations which is the root cause of this vulnerability. We have raised a Jira tracker to ensure that jackson-databind will be upgraded for Fuse 7.0, however due to feasibility issues jackson-databind cannot be upgraded in JBoss Fuse 6.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7525"
},
{
"category": "external",
"summary": "RHBZ#1462702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7525",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7525"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525"
}
],
"release_date": "2017-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1449"
},
{
"category": "workaround",
"details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
"product_ids": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper"
},
{
"acknowledgments": [
{
"names": [
"Liao Xinxi"
],
"organization": "NSFOCUS"
}
],
"cve": "CVE-2017-15095",
"cwe": {
"id": "CWE-184",
"name": "Incomplete List of Disallowed Inputs"
},
"discovery_date": "2017-10-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1506612"
}
],
"notes": [
{
"category": "description",
"text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-15095"
},
{
"category": "external",
"summary": "RHBZ#1506612",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-15095",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15095"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3442891",
"url": "https://access.redhat.com/solutions/3442891"
}
],
"release_date": "2017-11-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1449"
},
{
"category": "workaround",
"details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
"product_ids": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)"
},
{
"acknowledgments": [
{
"names": [
"0c0c0f from 360\u89c2\u661f\u5b9e\u9a8c\u5ba4"
]
}
],
"cve": "CVE-2017-17485",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2017-12-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1528565"
}
],
"notes": [
{
"category": "description",
"text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-17485"
},
{
"category": "external",
"summary": "RHBZ#1528565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-17485",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17485"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3442891",
"url": "https://access.redhat.com/solutions/3442891"
}
],
"release_date": "2017-12-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1449"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)"
},
{
"cve": "CVE-2018-1304",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2018-02-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1548289"
}
],
"notes": [
{
"category": "description",
"text": "The URL pattern of \"\" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the constraint to be ignored. It was, therefore, possible for unauthorised users to gain access to web application resources that should have been protected. Only security constraints with a URL pattern of the empty string were affected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1304"
},
{
"category": "external",
"summary": "RHBZ#1548289",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548289"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1304",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1304"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1304",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1304"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85",
"url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.85"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.50"
},
{
"category": "external",
"summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28",
"url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.28"
}
],
"release_date": "2018-01-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1449"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources"
},
{
"cve": "CVE-2018-7489",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2018-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1549276"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates.\n\nSatellite 6.2 does not support c3p0 classes. Since the latter are required for this flaw, therefore Satellite 6.2 is not affected. Satellite 6.3 and 6.4 are not affected because Candlepin does not use polymorphic deserialization.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-7489"
},
{
"category": "external",
"summary": "RHBZ#1549276",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549276"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-7489",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7489"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-7489",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7489"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3442891",
"url": "https://access.redhat.com/solutions/3442891"
}
],
"release_date": "2018-02-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1449"
},
{
"category": "workaround",
"details": "Advice on how to remain safe while using JAX-RS webservices on JBoss EAP 7.x is available here:\n\nhttps://access.redhat.com/solutions/3279231\nhttps://github.com/FasterXML/jackson-docs/wiki/JacksonPolymorphicDeserialization\n\nGeneral Mitigation: \nTry to avoid \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries"
},
{
"acknowledgments": [
{
"names": [
"Chris McCown"
]
}
],
"cve": "CVE-2018-8088",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2018-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1548909"
}
],
"notes": [
{
"category": "description",
"text": "An XML deserialization vulnerability was discovered in slf4j\u0027s EventData, which accepts an XML serialized string and can lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Important, and is not currently planned to be addressed in future updates.\n\nThis issue did not affect the versions of Candlepin as shipped with Red Hat Satellite 6 as Candlepin uses slf4j-api and not the affected slf4j-ext (which is not on the Candlepin classpath).\n\nRed Hat Enterprise Virtualization Manager 4.1 is affected by this issue. Updated packages that address this issue are available through the Red Hat Enterprise Linux Server channels. Virtualization Manager hosts should be subscribed to these channels and obtain the updates via `yum update`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-8088"
},
{
"category": "external",
"summary": "RHBZ#1548909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1548909"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8088"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-8088",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8088"
}
],
"release_date": "2018-02-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-14T20:36:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1449"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6.src",
"6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-12.redhat_6.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6.src",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6.src",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.noarch",
"6Server-JBEAP-6.4:picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution"
}
]
}
FKIE_CVE-2017-3163
Vulnerability from fkie_nvd - Published: 2017-08-30 14:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C0CB118A-E405-41E5-B25F-C151B14292A7",
"versionEndIncluding": "5.5.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:solr:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "29F3170C-C5D6-431F-A2DD-692636CF5DAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:solr:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BA339070-A2BD-4559-B400-2BC2EB9923A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:solr:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B737CF14-C14A-4D97-B838-47EC4A2C68C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:solr:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "036F935D-B469-47C6-AF5D-3DFC73070753",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:solr:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42A1A17A-32EA-40A2-9A1E-6019B493B5C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:solr:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76557E9C-1F16-44D9-ACA1-F4DAEC966F05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:solr:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DE068A02-D47A-4C6C-BFD3-040385599CA5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access."
},
{
"lang": "es",
"value": "Cuando se usa la caracter\u00edstica Index Replication, los nodos Apache Solr pueden tomar archivos index de un nodo master/leader usando una API HTTP que acepta un nombre de archivo. Sin embargo, Solr en versiones anteriores a la 5.5.4 y en versiones 6.x anteriores a la 6.4.1 no valida el nombre de archivo, por lo que fue posible manipular una petici\u00f3n especial que involucre un salto de ruta, dejando expuestos todos los archivos legibles en el proceso de servidor Solr. Los servidores Solr protegidos y restringidos por reglas de firewall y/o autenticaci\u00f3n no estar\u00edan en riesgo ya que solo los clientes y usuarios de confianza obtendr\u00edan acceso HTTP directo."
}
],
"id": "CVE-2017-3163",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-30T14:29:00.207",
"references": [
{
"source": "security@apache.org",
"url": "https://access.redhat.com/errata/RHSA-2018:1447"
},
{
"source": "security@apache.org",
"url": "https://access.redhat.com/errata/RHSA-2018:1448"
},
{
"source": "security@apache.org",
"url": "https://access.redhat.com/errata/RHSA-2018:1449"
},
{
"source": "security@apache.org",
"url": "https://access.redhat.com/errata/RHSA-2018:1450"
},
{
"source": "security@apache.org",
"url": "https://access.redhat.com/errata/RHSA-2018:1451"
},
{
"source": "security@apache.org",
"url": "https://lists.apache.org/thread.html/a6a33a186f293f9f9aecf3bd39c76252bfc49a79de4321dd2a53b488%40%3Csolr-user.lucene.apache.org%3E"
},
{
"source": "security@apache.org",
"url": "https://www.debian.org/security/2018/dsa-4124"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2018:1447"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2018:1448"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2018:1449"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2018:1450"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2018:1451"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/a6a33a186f293f9f9aecf3bd39c76252bfc49a79de4321dd2a53b488%40%3Csolr-user.lucene.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.debian.org/security/2018/dsa-4124"
}
],
"sourceIdentifier": "security@apache.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CNVD-2017-32442
Vulnerability from cnvd - Published: 2017-11-02
VLAI Severity ?
Title
Apache Solr文件获取漏洞
Description
Apache Solr是美国阿帕奇(Apache)软件基金会的一款基于Lucene(一个全文检索引擎的架构)的搜索服务器,它支持层面搜索、垂直搜索、高亮显示搜索结果、多种输出格式等。
Apache Solr 5.5.4之前的版本和6.4.1之前的6.x版本中存在安全漏洞。攻击者可通过构建请求利用该漏洞获取文件。
Severity
中
Patch Name
Apache Solr文件获取漏洞的补丁
Patch Description
Apache Solr是美国阿帕奇(Apache)软件基金会的一款基于Lucene(一个全文检索引擎的架构)的搜索服务器,它支持层面搜索、垂直搜索、高亮显示搜索结果、多种输出格式等。
Apache Solr 5.5.4之前的版本和6.4.1之前的6.x版本中存在安全漏洞。攻击者可通过构建请求利用该漏洞获取文件。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布了漏洞修复程序,请及时关注更新: https://issues.apache.org/jira/browse/SOLR-10031
Reference
https://lists.apache.org/thread.html/a6a33a186f293f9f9aecf3bd39c76252bfc49a79de4321dd2a53b488@%3Csolr-user.lucene.apache.org%3E
Impacted products
| Name | ['Apache Solr <5.5.4', 'Apache Solr 6.*,<6.4.1'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2017-3163"
}
},
"description": "Apache Solr\u662f\u7f8e\u56fd\u963f\u5e15\u5947\uff08Apache\uff09\u8f6f\u4ef6\u57fa\u91d1\u4f1a\u7684\u4e00\u6b3e\u57fa\u4e8eLucene\uff08\u4e00\u4e2a\u5168\u6587\u68c0\u7d22\u5f15\u64ce\u7684\u67b6\u6784\uff09\u7684\u641c\u7d22\u670d\u52a1\u5668\uff0c\u5b83\u652f\u6301\u5c42\u9762\u641c\u7d22\u3001\u5782\u76f4\u641c\u7d22\u3001\u9ad8\u4eae\u663e\u793a\u641c\u7d22\u7ed3\u679c\u3001\u591a\u79cd\u8f93\u51fa\u683c\u5f0f\u7b49\u3002\r\n\r\nApache Solr 5.5.4\u4e4b\u524d\u7684\u7248\u672c\u548c6.4.1\u4e4b\u524d\u76846.x\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u6784\u5efa\u8bf7\u6c42\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u6587\u4ef6\u3002",
"discovererName": "unknwon",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://issues.apache.org/jira/browse/SOLR-10031",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2017-32442",
"openTime": "2017-11-02",
"patchDescription": "Apache Solr\u662f\u7f8e\u56fd\u963f\u5e15\u5947\uff08Apache\uff09\u8f6f\u4ef6\u57fa\u91d1\u4f1a\u7684\u4e00\u6b3e\u57fa\u4e8eLucene\uff08\u4e00\u4e2a\u5168\u6587\u68c0\u7d22\u5f15\u64ce\u7684\u67b6\u6784\uff09\u7684\u641c\u7d22\u670d\u52a1\u5668\uff0c\u5b83\u652f\u6301\u5c42\u9762\u641c\u7d22\u3001\u5782\u76f4\u641c\u7d22\u3001\u9ad8\u4eae\u663e\u793a\u641c\u7d22\u7ed3\u679c\u3001\u591a\u79cd\u8f93\u51fa\u683c\u5f0f\u7b49\u3002\r\n\r\nApache Solr 5.5.4\u4e4b\u524d\u7684\u7248\u672c\u548c6.4.1\u4e4b\u524d\u76846.x\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u6784\u5efa\u8bf7\u6c42\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u6587\u4ef6\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Apache Solr\u6587\u4ef6\u83b7\u53d6\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"Apache Solr \u003c5.5.4",
"Apache Solr 6.*\uff0c\u003c6.4.1"
]
},
"referenceLink": "https://lists.apache.org/thread.html/a6a33a186f293f9f9aecf3bd39c76252bfc49a79de4321dd2a53b488@%3Csolr-user.lucene.apache.org%3E",
"serverity": "\u4e2d",
"submitTime": "2017-09-08",
"title": "Apache Solr\u6587\u4ef6\u83b7\u53d6\u6f0f\u6d1e"
}
GSD-2017-3163
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2017-3163",
"description": "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.",
"id": "GSD-2017-3163",
"references": [
"https://www.debian.org/security/2018/dsa-4124",
"https://access.redhat.com/errata/RHSA-2018:1451",
"https://access.redhat.com/errata/RHSA-2018:1450",
"https://access.redhat.com/errata/RHSA-2018:1449",
"https://access.redhat.com/errata/RHSA-2018:1448",
"https://access.redhat.com/errata/RHSA-2018:1447"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2017-3163"
],
"details": "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.",
"id": "GSD-2017-3163",
"modified": "2023-12-13T01:21:15.991931Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"DATE_PUBLIC": "2017-02-15T00:00:00",
"ID": "CVE-2017-3163",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Solr",
"version": {
"version_data": [
{
"version_value": "1.4.0 to 5.5.3"
},
{
"version_value": "6.0.0 to 6.4.0"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2018:1448",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1448"
},
{
"name": "RHSA-2018:1449",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1449"
},
{
"name": "RHSA-2018:1450",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1450"
},
{
"name": "RHSA-2018:1451",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1451"
},
{
"name": "[solr-user] 20170215 [SECURITY] CVE-2017-3163 Apache Solr ReplicationHandler path traversal attack",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/a6a33a186f293f9f9aecf3bd39c76252bfc49a79de4321dd2a53b488@%3Csolr-user.lucene.apache.org%3E"
},
{
"name": "RHSA-2018:1447",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1447"
},
{
"name": "DSA-4124",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4124"
}
]
}
},
"gitlab.com": {
"advisories": [
{
"affected_range": "(,5.5.3],[6.0.0,6.0.1],[6.1.0,6.2.1],[6.3.0,6.4.0]",
"affected_versions": "All versions up to 5.5.3, all versions starting from 6.0.0 up to 6.0.1, all versions starting from 6.1.0 up to 6.2.1, all versions starting from 6.3.0 up to 6.4.0",
"credit": "Hrishikesh Gadre of Cloudra Inc.",
"cvss_v2": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-22",
"CWE-937"
],
"date": "2018-05-17",
"description": "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name Solr does not validate the file name, hence it is possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.",
"fixed_versions": [
"5.5.4",
"6.4.1"
],
"identifier": "CVE-2017-3163",
"identifiers": [
"CVE-2017-3163"
],
"not_impacted": "All versions after 5.5.3 before 6.0.0, all versions after 6.0.1 before 6.1.0, all versions after 6.2.1 before 6.3.0, all versions after 6.4.0",
"package_slug": "maven/org.apache.solr/solr-core",
"pubdate": "2017-08-30",
"solution": "Upgrade to versions 5.5.4, 6.4.1 or above.",
"title": "Path traversal attack",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2017-3163",
"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3163",
"https://issues.apache.org/jira/browse/SOLR-10031"
],
"uuid": "071188ba-0adf-446d-9569-e9acb76bb5ee"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:solr:6.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:solr:6.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:solr:6.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:solr:6.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:solr:6.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.5.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:solr:6.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:solr:6.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2017-3163"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[solr-user] 20170215 [SECURITY] CVE-2017-3163 Apache Solr ReplicationHandler path traversal attack",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/a6a33a186f293f9f9aecf3bd39c76252bfc49a79de4321dd2a53b488@%3Csolr-user.lucene.apache.org%3E"
},
{
"name": "DSA-4124",
"refsource": "DEBIAN",
"tags": [],
"url": "https://www.debian.org/security/2018/dsa-4124"
},
{
"name": "RHSA-2018:1451",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2018:1451"
},
{
"name": "RHSA-2018:1450",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2018:1450"
},
{
"name": "RHSA-2018:1449",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2018:1449"
},
{
"name": "RHSA-2018:1448",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2018:1448"
},
{
"name": "RHSA-2018:1447",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2018:1447"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2018-05-17T01:29Z",
"publishedDate": "2017-08-30T14:29Z"
}
}
}
GHSA-387V-84CV-9QMC
Vulnerability from github – Published: 2018-10-18 16:40 – Updated: 2022-09-17 00:06
VLAI?
Summary
Improper Limitation of a Pathname ('Path Traversal') in org.apache.solr:solr-core
Details
When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.
Severity ?
7.5 (High)
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.solr:solr-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.5.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.solr:solr-core"
},
"ranges": [
{
"events": [
{
"introduced": "6.0.0"
},
{
"fixed": "6.4.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2017-3163"
],
"database_specific": {
"cwe_ids": [
"CWE-22"
],
"github_reviewed": true,
"github_reviewed_at": "2020-06-16T20:54:26Z",
"nvd_published_at": null,
"severity": "HIGH"
},
"details": "When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.",
"id": "GHSA-387v-84cv-9qmc",
"modified": "2022-09-17T00:06:46Z",
"published": "2018-10-18T16:40:43Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3163"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:1447"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:1448"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:1449"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:1450"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:1451"
},
{
"type": "ADVISORY",
"url": "https://github.com/advisories/GHSA-387v-84cv-9qmc"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/a6a33a186f293f9f9aecf3bd39c76252bfc49a79de4321dd2a53b488@%3Csolr-user.lucene.apache.org%3E"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2018/dsa-4124"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Improper Limitation of a Pathname (\u0027Path Traversal\u0027) in org.apache.solr:solr-core"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…